Pro Tips with Esben #36
This week we take a look at some ways to manage user profiles and ensure you don’t have too many unused profiles on public devices and have a view of how much space they take up.
Old profiles can start bloating up computers easily and take up unnecessary space, a problem that certain industries like education are all too familiar with. Having public devices that are used by a large number of unique users that log in and leave user profiles behind can easily start filling the device’s storage.
Today we’re looking at 2 ways you can manage user profiles better, Delprof2 and a Group Policy, and a script to view how much storage each user profile takes up.
Viewing User Profile Size
To view the user profile size, last time in Pro Tips 35, I covered how you can discover user profile sizes. So you can follow that blog post to get more insight into how much disk space user profiles are taking up on your devices.
The NTUSER.DAT and ntuser.ini Timestamp Issue
While I was researching this topic, I found that Microsoft itself has refused to fix a critical issue with the way that the age of user profiles are calculated. Solutions like Delprof and the Group Policy do not work anymore due to NTUSER.DAT and ntuser.ini getting updated outside of user logon. The only way to fix this is to run a PowerShell script with a scheduled task to ensure that the timestamp gets overwritten daily with the correct one, found in UsrClass.dat.
Thanks to the user AdamNoname-2629 on Microsoft’s learn site, we have a PowerShell script that does exactly that (please note that I have not personally validated this script).
$ErrorActionPreference = “SilentlyContinue”
$Report = $Null
$Path = "C:Users"
$ExcludedUsers = "Default", "Public", "Administrator"
$UserFolders = $Path | Get-ChildItem -Directory -Exclude $ExcludedUsers
ForEach ($UserFolder in $UserFolders)
{
$UserName = $UserFolder.Name
If (Test-Path “$Path$UserNameNTUser.dat”)
{
$NTUserDat = Get-Item "$Path$UserNameNTUSER.DAT" -force
$NTUserDatTimeStamp = $NTUserDat.LastWriteTime
$UsrClassDat = Get-Item "$Path$UsernameAppDataLocalMicrosoftWindowsUsrClass.dat" -force
$UserClassTimeStamp = $UsrClassDat.LastWriteTime
$NTUserDat.LastWriteTime = $UserClassTimeStamp
Write-Host $UserName $NTUserDatTimeStamp
Write-Host (Get-item $Path$UserNameAppDataLocalMicrosoftWindowsUsrClass.dat -Force).LastWriteTime
$Report = $Report + “$UserName`t$NTUserDatTimeStamp`r`n”
$NTUserDat = $Null
$UsrClassDat = $Null
}
}
Delprof & Delprof2
Delprof is a legacy Microsoft tool that deletes user profiles and all data that is stored in a user profile. This includes desktop settings, favorites, program-specific data that is contained in the Application Data folder, and the contents of the My Documents folder.
The original supports Windows 2000, Windows XP, and Windows Server 2003 and was unfortunately never renewed to support modern operating systems. Luckily someone modernized it and created Delprof2. Delprof2 has the following features:
- Delprof2 is syntax compatible to the original Delprof, but more powerful
- Delprof2 lets you explicitly specify which profiles to delete
- Delprof2 bypasses security to delete profiles regardless of current permissions/owner
- Delprof2 supports very long paths
- Delprof2 works on all modern versions of Windows
- Delprof2 is free for personal and commercial use
Delprof2 Custom Actions
We will be creating 2 custom actions. One to view what user profiles will be deleted, and one to execute the deletion. First, you’ll need to download the Delprof2 tool and place the executable in your Lansweeper Actions folder (C:Program Files (x86)LansweeperActions).
Once you have the executable in the Actions folder, you can navigate to the Asset Pages page in your Lansweeper web console and add the new custom actions.
The first one is to view what we will be deleting, in this example I am selecting user profiles older than 180 days. Obviously, you can adjust this to whatever number of days you like.
cmd /k {actionpath}delprof2.exe /c:\{smartname} /d:180 /l
Next is the action to delete the profiles that match the condition.
{actionpath}delprof2.exe /q /i /c:\{smartname} /d:180
Delprof2 supports a range of parameters, so if you want to get more advanced, you can find the full list of parameters on the Delprof2 website.
Group Policy
Microsoft has its own Group Policy that lets you automatically delete old user profiles named «Delete user profiles older than a specified number days on system restart».
While this GP reportedly suffers from the issue I mentioned above, once that issue is resolved it should in theory work. You can find this GP under Computer ConfigurationAdministrative TemplatesSystemUser Profiles.
If you’re interested in scanning whether the group policy is active, you can follow similar steps as I showed in Pro Tips 21. You can find the registry key needed on the group policy search site.